Detector Sandbox

Category Started On Completed On Duration Detector Version
FILE 2017-05-22 13:07:51 2017-05-22 13:13:21 330 seconds 1.0-dev
Machine Label Manager Started On Shutdown On
detect1 winxpsp3_cn VirtualBox 2017-05-22 13:07:53 2017-05-22 13:13:21

File Details

VirusTotal File not found on VirusTotal

Signatures

No signatures matched

Screenshots

No screenshots available.

Static Analysis

Sections

Resources

Imports

Strings

Dropped Files

Nothing to display.

Network Analysis

Nothing to display.

Behavior Summary

Directory-Enumerated
  • C:\Python27\libs\*.*
  • C:\WINDOWS\AppPatch\*.*
  • C:\WINDOWS\Debug\*.*
  • C:\WINDOWS\addins\*.*
  • C:\Python34\Tools\*.*
  • C:\Python34\tcl\*.*
  • C:\Python34\include\*.*
  • C:\Python27\tcl\*.*
  • C:\WINDOWS\Driver Cache\*.*
  • C:\WINDOWS\msagent\*.*
  • C:\*.*
  • C:\WINDOWS\ime\*.*
  • C:\WINDOWS\java\*.*
  • C:\Documents and Settings\*.*
  • C:\WINDOWS\Help\*.*
  • C:\wtkaxe\lib\*.*
  • C:\WINDOWS\L2Schemas\*.*
  • C:\WINDOWS\Config\*.*
  • C:\Python27\Scripts\*.*
  • C:\wtkaxe\bin\*.*
  • C:\Python27\*.*
  • C:\WINDOWS\PeerNet\*.*
  • C:\WINDOWS\security\*.*
  • C:\Documents and Settings\All Users\*.*
  • C:\wtkaxe\modules\*.*
  • C:\Documents and Settings\will\*.*
  • C:\Python27\Lib\*.*
  • C:\WINDOWS\Resources\*.*
  • C:\WINDOWS\Cursors\*.*
  • C:\WINDOWS\srchasst\*.*
  • C:\Python27\include\*.*
  • C:\WINDOWS\repair\*.*
  • C:\Python27\Doc\*.*
  • C:\WINDOWS\Registration\*.*
  • C:\WINDOWS\Provisioning\*.*
  • C:\Python34\*.*
  • C:\WINDOWS\pchealth\*.*
  • C:\WINDOWS\msapps\*.*
  • C:\WINDOWS\ehome\*.*
  • C:\WINDOWS\system\*.*
  • C:\WINDOWS\Temp\*.*
  • C:\WINDOWS\Network Diagnostic\*.*
  • C:\WINDOWS\Media\*.*
  • C:\WINDOWS\system32\*.*
  • C:\Python34\libs\*.*
  • C:\WINDOWS\Connection Wizard\*.*
  • C:\wtkaxe\*.*
  • C:\Python27\DLLs\*.*
  • C:\Python27\Tools\*.*
  • C:\Python34\DLLs\*.*
  • C:\WINDOWS\*.*
  • C:\Python34\Doc\*.*
  • C:\WINDOWS\twain_32\*.*
  • C:\WINDOWS\SoftwareDistribution\*.*
  • C:\WINDOWS\WinSxS\*.*
  • C:\Python34\Scripts\*.*
  • C:\Documents and Settings\All Users\Favorites\*.*
  • C:\Python34\Lib\*.*
  • C:\WINDOWS\mui\*.*

Processes

registry filesystem process services network synchronization

lsass.exe PID: 668, Parent PID: 612

Demo.exe PID: 1400, Parent PID: 516

Volatility

Nothing to display.